Microsoft Exchange Server

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Microsoft Exchange Server.

Recent Microsoft Exchange Server Security Advisories

Advisory	Title	Published
CVE-2024-49040	CVE-2024-49040 Microsoft Exchange Server Spoofing Vulnerability	November 12, 2024
CVE-2024-26198	Microsoft Exchange Server Remote Code Execution Vulnerability	March 12, 2024
CVE-2024-21410	Microsoft Exchange Server Elevation of Privilege Vulnerability	February 13, 2024
CVE-2023-36439	Microsoft Exchange Server Remote Code Execution Vulnerability	November 14, 2023
CVE-2023-36039	Microsoft Exchange Server Spoofing Vulnerability	November 14, 2023
CVE-2023-36050	Microsoft Exchange Server Spoofing Vulnerability	November 14, 2023
CVE-2023-36035	Microsoft Exchange Server Spoofing Vulnerability	November 14, 2023
CVE-2023-36778	Microsoft Exchange Server Remote Code Execution Vulnerability	October 10, 2023
CVE-2023-36757	Microsoft Exchange Server Spoofing Vulnerability	September 12, 2023
CVE-2023-36745	Microsoft Exchange Server Remote Code Execution Vulnerability	September 12, 2023

By the Year

In 2025 there have been 0 vulnerabilities in Microsoft Exchange Server. Last year, in 2024 Exchange Server had 3 security vulnerabilities published. Right now, Exchange Server is on track to have less security vulnerabilities in 2025 than it did last year.

Year	Vulnerabilities	Average Score
2025	0	0.00
2024	3	8.70
2023	27	8.13
2022	18	7.81
2021	31	7.84
2020	14	7.74
2019	12	7.23
2018	16	6.58

It may take a day or so for new Exchange Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Exchange Server Security Vulnerabilities

Microsoft Exchange Server Spoofing Vulnerability

CVE-2024-49040 7.5 - High - November 12, 2024

Microsoft Exchange Server Spoofing Vulnerability

User Interface (UI) Misrepresentation of Critical Information

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2024-26198 8.8 - High - March 12, 2024

Microsoft Exchange Server Remote Code Execution Vulnerability

Exchange Server Privilege Escalation via Net-NTLMv2 hash

CVE-2024-21410 9.8 - Critical - February 13, 2024

Microsoft Exchange Server Elevation of Privilege Vulnerability

Microsoft Exchange Server Spoofing Vulnerability

CVE-2023-36035 8 - High - November 14, 2023

Microsoft Exchange Server Spoofing Vulnerability

Microsoft Exchange Server Spoofing Vulnerability

CVE-2023-36039 8 - High - November 14, 2023

Microsoft Exchange Server Spoofing Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-36439 8 - High - November 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Spoofing Vulnerability

CVE-2023-36050 8 - High - November 14, 2023

Microsoft Exchange Server Spoofing Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-36778 8 - High - October 10, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-36744 8 - High - September 12, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-36745 8 - High - September 12, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-36756 8 - High - September 12, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Spoofing Vulnerability

CVE-2023-36757 8 - High - September 12, 2023

Microsoft Exchange Server Spoofing Vulnerability

Microsoft Exchange Server Information Disclosure Vulnerability

CVE-2023-36777 5.7 - Medium - September 12, 2023

Microsoft Exchange Server Information Disclosure Vulnerability

Microsoft Exchange Remote Code Execution Vulnerability

CVE-2023-35368 8.8 - High - August 08, 2023

Microsoft Exchange Remote Code Execution Vulnerability

Microsoft Exchange Server Spoofing Vulnerability

CVE-2023-38181 8.8 - High - August 08, 2023

Microsoft Exchange Server Spoofing Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-38182 8 - High - August 08, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-38185 8.8 - High - August 08, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2023-21709 9.8 - Critical - August 08, 2023

Microsoft Exchange Server Elevation of Privilege Vulnerability

Improper Restriction of Excessive Authentication Attempts

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-35388 8 - High - August 08, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-28310 8 - High - June 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-32031 8.8 - High - June 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-21706 8.8 - High - February 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-21707 8.8 - High - February 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-21710 7.2 - High - February 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-21529 8.8 - High - February 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Spoofing Vulnerability

CVE-2023-21745 8 - High - January 10, 2023

Microsoft Exchange Server Spoofing Vulnerability

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2023-21764 7.8 - High - January 10, 2023

Microsoft Exchange Server Elevation of Privilege Vulnerability

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2023-21763 7.8 - High - January 10, 2023

Microsoft Exchange Server Elevation of Privilege Vulnerability

Microsoft Exchange Server Information Disclosure Vulnerability

CVE-2023-21761 7.5 - High - January 10, 2023

Microsoft Exchange Server Information Disclosure Vulnerability

Microsoft Exchange Server Spoofing Vulnerability

CVE-2023-21762 8 - High - January 10, 2023

Microsoft Exchange Server Spoofing Vulnerability

Microsoft Exchange Server Spoofing Vulnerability

CVE-2022-41078 8 - High - November 09, 2022

Microsoft Exchange Server Spoofing Vulnerability

Microsoft Exchange Server Spoofing Vulnerability

CVE-2022-41079 8 - High - November 09, 2022

Microsoft Exchange Server Spoofing Vulnerability

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2022-41080 8.8 - High - November 09, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2022-41123 7.8 - High - November 09, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2022-41040 8.8 - High - October 03, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability

SSRF

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2022-41082 8 - High - October 03, 2022

Microsoft Exchange Server Remote Code Execution Vulnerability

Marshaling, Unmarshaling

Microsoft Exchange Server Information Disclosure Vulnerability

CVE-2022-34692 5.3 - Medium - August 09, 2022

Microsoft Exchange Server Information Disclosure Vulnerability

Microsoft Exchange Server Information Disclosure Vulnerability

CVE-2022-21979 4.8 - Medium - August 09, 2022

Microsoft Exchange Server Information Disclosure Vulnerability

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2022-21980 8 - High - August 09, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2022-24477 8 - High - August 09, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2022-24516 8 - High - August 09, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability

Microsoft Exchange Server Information Disclosure Vulnerability

CVE-2022-30134 6.5 - Medium - August 09, 2022

Microsoft Exchange Server Information Disclosure Vulnerability

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2022-21978 8.2 - High - May 10, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability

Microsoft Exchange Server Spoofing Vulnerability

CVE-2022-24463 6.5 - Medium - March 09, 2022

Microsoft Exchange Server Spoofing Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2022-23277 8.8 - High - March 09, 2022

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2022-21969 9 - Critical - January 11, 2022

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2022-21855 9 - Critical - January 11, 2022

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2022-21846 9 - Critical - January 11, 2022

Microsoft Exchange Server Remote Code Execution Vulnerability

Microsoft Exchange Server Spoofing Vulnerability

CVE-2021-42305 6.5 - Medium - November 10, 2021

Microsoft Exchange Server Spoofing Vulnerability

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2021-42321 8.8 - High - November 10, 2021

Microsoft Exchange Server Remote Code Execution Vulnerability

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Exchange Server or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

Microsoft Exchange Server
Product

Microsoft Exchange Server

Don't miss out!

Recent Microsoft Exchange Server Security Advisories

By the Year

Recent Microsoft Exchange Server Security Vulnerabilities

Microsoft Exchange Server Spoofing Vulnerability CVE-2024-49040 7.5 - High - November 12, 2024

Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2024-26198 8.8 - High - March 12, 2024

Exchange Server Privilege Escalation via Net-NTLMv2 hash CVE-2024-21410 9.8 - Critical - February 13, 2024

Microsoft Exchange Server Spoofing Vulnerability CVE-2023-36035 8 - High - November 14, 2023

Microsoft Exchange Server Spoofing Vulnerability CVE-2023-36039 8 - High - November 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2023-36439 8 - High - November 14, 2023

Microsoft Exchange Server Spoofing Vulnerability CVE-2023-36050 8 - High - November 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2023-36778 8 - High - October 10, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2023-36744 8 - High - September 12, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2023-36745 8 - High - September 12, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2023-36756 8 - High - September 12, 2023

Microsoft Exchange Server Spoofing Vulnerability CVE-2023-36757 8 - High - September 12, 2023

Microsoft Exchange Server Information Disclosure Vulnerability CVE-2023-36777 5.7 - Medium - September 12, 2023

Microsoft Exchange Remote Code Execution Vulnerability CVE-2023-35368 8.8 - High - August 08, 2023

Microsoft Exchange Server Spoofing Vulnerability CVE-2023-38181 8.8 - High - August 08, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2023-38182 8 - High - August 08, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2023-38185 8.8 - High - August 08, 2023

Microsoft Exchange Server Elevation of Privilege Vulnerability CVE-2023-21709 9.8 - Critical - August 08, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2023-35388 8 - High - August 08, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2023-28310 8 - High - June 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2023-32031 8.8 - High - June 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2023-21706 8.8 - High - February 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2023-21707 8.8 - High - February 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2023-21710 7.2 - High - February 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2023-21529 8.8 - High - February 14, 2023

Microsoft Exchange Server Spoofing Vulnerability CVE-2023-21745 8 - High - January 10, 2023

Microsoft Exchange Server Elevation of Privilege Vulnerability CVE-2023-21764 7.8 - High - January 10, 2023

Microsoft Exchange Server Elevation of Privilege Vulnerability CVE-2023-21763 7.8 - High - January 10, 2023

Microsoft Exchange Server Information Disclosure Vulnerability CVE-2023-21761 7.5 - High - January 10, 2023

Microsoft Exchange Server Spoofing Vulnerability CVE-2023-21762 8 - High - January 10, 2023

Microsoft Exchange Server Spoofing Vulnerability CVE-2022-41078 8 - High - November 09, 2022

Microsoft Exchange Server Spoofing Vulnerability CVE-2022-41079 8 - High - November 09, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability CVE-2022-41080 8.8 - High - November 09, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability CVE-2022-41123 7.8 - High - November 09, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability CVE-2022-41040 8.8 - High - October 03, 2022

Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2022-41082 8 - High - October 03, 2022

Microsoft Exchange Server Information Disclosure Vulnerability CVE-2022-34692 5.3 - Medium - August 09, 2022

Microsoft Exchange Server Information Disclosure Vulnerability CVE-2022-21979 4.8 - Medium - August 09, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability CVE-2022-21980 8 - High - August 09, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability CVE-2022-24477 8 - High - August 09, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability CVE-2022-24516 8 - High - August 09, 2022

Microsoft Exchange Server Information Disclosure Vulnerability CVE-2022-30134 6.5 - Medium - August 09, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability CVE-2022-21978 8.2 - High - May 10, 2022

Microsoft Exchange Server Spoofing Vulnerability CVE-2022-24463 6.5 - Medium - March 09, 2022

Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2022-23277 8.8 - High - March 09, 2022

Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2022-21969 9 - Critical - January 11, 2022

Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2022-21855 9 - Critical - January 11, 2022

Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2022-21846 9 - Critical - January 11, 2022

Microsoft Exchange Server Spoofing Vulnerability CVE-2021-42305 6.5 - Medium - November 10, 2021

Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2021-42321 8.8 - High - November 10, 2021

Stay on top of Security Vulnerabilities

Microsoft Vendor

Microsoft Exchange ServerProduct

Microsoft Exchange Server Spoofing Vulnerability

CVE-2024-49040 7.5 - High - November 12, 2024

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2024-26198 8.8 - High - March 12, 2024

Exchange Server Privilege Escalation via Net-NTLMv2 hash

CVE-2024-21410 9.8 - Critical - February 13, 2024

Microsoft Exchange Server Spoofing Vulnerability

CVE-2023-36035 8 - High - November 14, 2023

Microsoft Exchange Server Spoofing Vulnerability

CVE-2023-36039 8 - High - November 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-36439 8 - High - November 14, 2023

Microsoft Exchange Server Spoofing Vulnerability

CVE-2023-36050 8 - High - November 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-36778 8 - High - October 10, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-36744 8 - High - September 12, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-36745 8 - High - September 12, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-36756 8 - High - September 12, 2023

Microsoft Exchange Server Spoofing Vulnerability

CVE-2023-36757 8 - High - September 12, 2023

Microsoft Exchange Server Information Disclosure Vulnerability

CVE-2023-36777 5.7 - Medium - September 12, 2023

Microsoft Exchange Remote Code Execution Vulnerability

CVE-2023-35368 8.8 - High - August 08, 2023

Microsoft Exchange Server Spoofing Vulnerability

CVE-2023-38181 8.8 - High - August 08, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-38182 8 - High - August 08, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-38185 8.8 - High - August 08, 2023

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2023-21709 9.8 - Critical - August 08, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-35388 8 - High - August 08, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-28310 8 - High - June 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-32031 8.8 - High - June 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-21706 8.8 - High - February 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-21707 8.8 - High - February 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-21710 7.2 - High - February 14, 2023

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2023-21529 8.8 - High - February 14, 2023

Microsoft Exchange Server Spoofing Vulnerability

CVE-2023-21745 8 - High - January 10, 2023

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2023-21764 7.8 - High - January 10, 2023

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2023-21763 7.8 - High - January 10, 2023

Microsoft Exchange Server Information Disclosure Vulnerability

CVE-2023-21761 7.5 - High - January 10, 2023

Microsoft Exchange Server Spoofing Vulnerability

CVE-2023-21762 8 - High - January 10, 2023

Microsoft Exchange Server Spoofing Vulnerability

CVE-2022-41078 8 - High - November 09, 2022

Microsoft Exchange Server Spoofing Vulnerability

CVE-2022-41079 8 - High - November 09, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2022-41080 8.8 - High - November 09, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2022-41123 7.8 - High - November 09, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2022-41040 8.8 - High - October 03, 2022

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2022-41082 8 - High - October 03, 2022

Microsoft Exchange Server Information Disclosure Vulnerability

CVE-2022-34692 5.3 - Medium - August 09, 2022

Microsoft Exchange Server Information Disclosure Vulnerability

CVE-2022-21979 4.8 - Medium - August 09, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2022-21980 8 - High - August 09, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2022-24477 8 - High - August 09, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2022-24516 8 - High - August 09, 2022

Microsoft Exchange Server Information Disclosure Vulnerability

CVE-2022-30134 6.5 - Medium - August 09, 2022

Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2022-21978 8.2 - High - May 10, 2022

Microsoft Exchange Server Spoofing Vulnerability

CVE-2022-24463 6.5 - Medium - March 09, 2022

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2022-23277 8.8 - High - March 09, 2022

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2022-21969 9 - Critical - January 11, 2022

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2022-21855 9 - Critical - January 11, 2022

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2022-21846 9 - Critical - January 11, 2022

Microsoft Exchange Server Spoofing Vulnerability

CVE-2021-42305 6.5 - Medium - November 10, 2021

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2021-42321 8.8 - High - November 10, 2021

Microsoft
Vendor

Microsoft Exchange Server
Product